8ff3425f4fdd36628caec9b7839fe643093eb4f793a49927ae2166033ee1111f

Analysis

max time kernel
11s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
27/05/2024, 07:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

786df312c2f223c112b748037795ec40_JaffaCakes118.apk
Size

9.9MB
MD5

786df312c2f223c112b748037795ec40
SHA1

6b7097eb16e078930873a19cfa49cc90e1fcfc81
SHA256

8ff3425f4fdd36628caec9b7839fe643093eb4f793a49927ae2166033ee1111f
SHA512

13c42714e4fedaaaa9ab450751282829c5690838dbb9af925e5ec9ece44ba5a968497dd2891e18e846876a1d4df379e82876848a99a3ade61eec40033b078f71
SSDEEP

196608:xhEdHNCB/zsBzrZqy/UPKvflvswxCPaOzV5I53R6bYQh89qgjAN5My4LbmC5:QfDBz4y/UPKFEOOx5In6Hh8MguR4LN

Score

8^/10

collection discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	to.talk

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	to.talk

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	to.talk

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	to.talk

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	to.talk

Reads the content of the SMS messages. 1 TTPs 1 IoCs

collection

SMS Messages

T1636.004

description	ioc	Process
URI accessed for read	content://sms/	to.talk

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	to.talk

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	to.talk

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	to.talk

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

to.talk
1⤵
- Checks if the Android device is rooted.
- Queries account information for other applications stored on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Reads the contacts stored on the device.
- Reads the content of the SMS messages.
- Reads the content of the call log.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4312

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

SMS Messages

T1636.004

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
978e87524e0e6d80e25bd7703df00bce

SHA1
ce115de0f23edf2b09441357f417ece59de17060

SHA256
1dc8d51798b554657aee85562ea2d99b16cbede3864ee8b0017d8d87fdbfaa27

SHA512
abbc592d074c9363882eff59e3a49fce39172ca35f2484e3ec1ce7619f644ef63b5ef929be220b94e7df6c0f38ce1ec71d8370a9e090576a511f66e6f1150b57

Download Submit
/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
4bc6e90eef0c9f40a0841841e344639e

SHA1
537642e8c46edbde6031c850d95625403df4563d

SHA256
f219e8aa78ee85068027979b9133d55d84b71e1cb003ab4a3380983e45ae8f1e

SHA512
4d3ccfd3afb2fe1f60f8a0420fa81c561898f09710c7c35e56e43b7af46c5a0071a541da941079e4ef20e7072e3d93cae07711ffd09b8d40147faf84caf795de

Download Submit
/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
103f78622076b60e8f59f05bec162d85

SHA1
e42d17860e5b6360cd179aab9e5bc83fc1f93ce2

SHA256
b13820dd76bc1fe5c21b704f69f2216f39aec0f2c98a244a19ee6e233810ffc9

SHA512
c54301ecc1c57365d7bf795ff8798e7f770974036cadc978d627d58ece039595862f4bd905ccea25329e970c4b807de10ca5a7af67a14480ce93ec9567f86be6

Download Submit
/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
fa609fbd5f1b3aab7edd51fee480502a

SHA1
9514007ea45994bfb791e2d6ce019990d12c4aec

SHA256
d0fbd2f23eb706b9e2804a32a618d311c602409f11d29159cff70d5edcc1cd08

SHA512
9ee5401b9c1f35fc8b780f21313767bf858c4b46526ee3d733a08c75dc4c0dac2496146101e4fe0ff20c9e343ed7c180a03f12f79a9ad38700a20b6a129c4522

Download Submit
/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
ecfec814cd73d651293484d1b311f134

SHA1
c467e89a404370519480f47e1ca814b6f46e9199

SHA256
60b856d6de17048d7fc1adee07182766ec36e4223d06db18b2cc578b72abed17

SHA512
68b6c8d35d4cde113c92952d7b132a3d225c10c3aa996ee9686238c0c6a19b00aedbb12ce770f76fcba0ae007349a398d5aa18ba8ce17c5a1f7308e9a549a894

Download Submit
/data/data/to.talk/databases/mixpanel

Filesize
28KB

MD5
c3db527cd1f616aa2994f315a11ed7d8

SHA1
4b346b3ea6396301119e9441469feb1a8112323a

SHA256
cead145121adf043450199025d9c1abe5fd5a4199fc9c228ec7082d644609c4b

SHA512
d703abf4bccc60dcd3063ffadbc7f8b606084b885b3f23769469e6c9921c5e4251226a4d6acfad7f1ca67ca6289ad9da51355c219d460bbf3cd1cac932b3d1cc

Download Submit
/data/data/to.talk/databases/mixpanel-journal

Filesize
512B

MD5
e2c9a8da9280869700cc7bdb9d519f64

SHA1
7320ddfed00aa8799e2e29ea2e1df1041fdc9072

SHA256
5c9136e1ca4e976017d232e51ec86965c622a83d79654517e74cc0218df444c5

SHA512
bf31783bc5f56f451a3023f778c892637c6a72cd5b2e586d26656a4f021660b336d0820faaa32a363efdcc9cfdeadb4ba865ee5c014e2440781d556df474cd81

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
40KB

MD5
7b1e5967eac8ddbc7abce07af1978acc

SHA1
1bfbe5af1dfba4981e1a67c99915335e4885f73a

SHA256
9000511d317e33dd322b95a14acc0a38c22adff6901c3ae8b3866ddc71067a31

SHA512
d935d59c61138ee73a0ebcf9b1ba321f78c2e37e58bb01ff1c5bae0d47207a6b2e13ebaa7e10b9d86e79618e031a107c380e28455edc0ab05298e5b3f5670fb7

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
12KB

MD5
7c5152e8a6ee9897b3cb9ba615939d2d

SHA1
3966447f2ffe11cad4d9bf07559c341c12f06ed3

SHA256
a2cf7bd056abe3e2ec8cb721d88a4870c2d59faff84c3581a725eaa5bc27f4ef

SHA512
047a279f4f308a9adfe92e75b94e532c31394b90a538232993c64edf5a4184d8a0e38d155abaa729cee4f2490ed0a4f1033477b650789da3892d8cee4453fa00

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
12KB

MD5
99f4f02a371e8a12c8089e9009aa1639

SHA1
c95da28760de69bd77952e7dcd231a5e4405f521

SHA256
72c7c7b694617eda2bb32fbae957d1551428d324c64a76bc2f713ba877968384

SHA512
2ed5ab23457f644289f0ea30e195a7053c9901aed5c3bf100589f92c4f8888823aaa7fd8d844404d801c199a11d74945971978ba9aaa1ba807a836acc74d741a

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
12KB

MD5
cd6c47eb022ce8d6268ccdf2f16fad8b

SHA1
fbadfa4966017e1851e5f437553923999277001b

SHA256
636216f5918d06dff8e94bb574bf98198a7f08ed7cd8a7c41279e8e1f8d58ea1

SHA512
bfc9df49984dd832d3dd2d7c5a7efc560d421d3fd56eb947c576a726f2d9f1753ff73b482f5e0bd13d0a3c46e9d5aaf3ca415889539555b3b1fd2af943e4c7c0

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
12KB

MD5
bc0c53d23443ddf580d8325d5e2ebc20

SHA1
cd5a9ceca7c5aa73fae10660230360f818a3adf1

SHA256
e0592cf841e0fc21211e109c9df490f3372978809299623b45a7975e912e3293

SHA512
bc5f07898b69ff366116c4f412c763e028fdbb727d4747d9ab3863905c7605fa03f5d51937529276a3b1d2f365cba2e21adc68c13b5dd733244e50e94bfaef70

Download Submit
/data/data/to.talk/databases/mixpanel-wal

Filesize
12KB

MD5
b7d1c33f3be5d933eaa2a929c5f1c8ee

SHA1
9dd76caded937dcef7e61545f253d16286d82908

SHA256
71b3a86f3461b7362c87f96c77ddd2cc5d7243561ce2ff36b5fd71e50cda33ec

SHA512
1df5852146b82def89cc892b3f910ed5c0dc4a170880c304feaf27a845bf1ad6dc0b1ce4daa5f8ba66ce8866ec8616827ebb67eaba4788d8b3648f9d16432180

Download Submit
/data/data/to.talk/databases/pwdb.sqlite

Filesize
120KB

MD5
277d23c67bc2c221dc44b75e36a73784

SHA1
02d091df25d3b407b16dcaaa1fe8adc0cf9173d2

SHA256
c7a16d411f77f005249bbc04f17cd5a14407d0670cdd15481d495c5678532676

SHA512
55a2faea58a02afe61cfdee129869d4128e04ebfaede502f8089bc890ace154c6c105a2c3e604a88019832f18d97f0dee493823c9d919eea37d6da86fe0c1db0

Download Submit
/data/data/to.talk/databases/pwdb.sqlite-journal

Filesize
512B

MD5
0ddd6909b9290bd4b9049c65af60a289

SHA1
00639ce99af88998346eea8abada0f6ffabac2f2

SHA256
aa4c77744a1eb975e6090ee970f043b98f9690ceef602472a08c5bf764979dcd

SHA512
587e3e14dbab8e0ecff5186b8f0cb65740cd8c6454a0f1ce04b30f162ae3c2068cbb314e25e415753b9dc4b8d4def14d2c20053ea97861f39595b6e9aa57afef

Download Submit
/data/data/to.talk/databases/pwdb.sqlite-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/to.talk/databases/pwdb.sqlite-wal

Filesize
132KB

MD5
de94de1e0d598610dc9fa7fa7d83d0f8

SHA1
a13dc0c2cd63820d8c9d54fa0058599a4546ba6e

SHA256
e22e7a25f78417dde5ecce6ff2748bab7708cb260c6baeb375d05ac5e3afc325

SHA512
004d65b0c4f6a18e6102abeabffb9c51e8c4b4d6b936386aab74925bdbe61954c07c1af1709b6449b712047fa61d945396e7e26fb71b0101222612335d2b0bbf

Download Submit
/data/data/to.talk/files/Ping_1716796623126-72408

Filesize
52B

MD5
d471807d6fb6168e28222623e0227984

SHA1
9c311accf2299bdae8cf1adbc94a12611df9eef4

SHA256
9b1bfba61c3ce010153e28cde1033727e504b89baee6335737181883524a8020

SHA512
d7c2f249ef8a7b5adea2874350bbb6a5919a687a4a77ed19fe3f04af50759712beb0dfa5753b4419bdf58f18fb600e7b553893701abbe9ad327680867c2bbb92

Download Submit
/data/data/to.talk/files/crashCounter

Filesize
2B

MD5
b026324c6904b2a9cb4b88d6d61c81d1

SHA1
e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e

SHA256
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

SHA512
3abb6677af34ac57c0ca5828fd94f9d886c26ce59a8ce60ecf6778079423dccff1d6f19cb655805d56098e6d38a1a710dee59523eed7511e5a9e4b8ccb3a4686

Download Submit
/data/data/to.talk/files/gaClientId

Filesize
36B

MD5
c82544fdaa37a28cde7bf9ac25245c21

SHA1
07281054afdeb25ec1064aab21c09903d1d7c7bb

SHA256
f66e87ee38e81883700dc3290ad8e34024032efdd9c36887869cf45398ff39cb

SHA512
89ad8eb89e67524e80a48bd1eaf195c62c97ca44fab5dc328190c237a6c48dcb47acbd602da609a013a6d1dc20b458630684eabdd92a554033b1c6a2ce9e393d

Download Submit
/storage/emulated/0/.bugsense

Filesize
33B

MD5
a7a5e0da893e8a54e4bb89807b89bdcf

SHA1
7ad698fd658c7dab7d0869d0b3eaafc9107b0c6c

SHA256
c1145571da22588d35cfd2fc86989d44d7272fe6a272277318dfc7b7d4b694f8

SHA512
811b765a8e8135bb46423c7dc521bf35bbe313b2488568739906eb5f8bab5535f96c55af9161cb97854adfd77c3150a3b009c7c6556c14204794b7330131a819

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads